A PLD (programmable logic device) is an integrated circuit structure that performs digital logic functions selected by a designer. PLDs include logic blocks and interconnect lines and typically both the logic blocks and interconnections are programmable. One common type of PLD is an FPGA (field programmable logic device), in which the logic blocks typically include lookup tables and flip flops, and can typically generate and store any function of their input signals. Another type is the CPLD (complex programmable logic device) in which the logic blocks perform the AND function and the OR function and the selection of input signals is programmable.
Problem with Storing Bitstream External to PLD
Designs implemented in PLDs have become complex, and it often takes months to complete and debug a design to be implemented in a PLD. When the design is going into a system of which the PLD is a part and is to be sold for profit, the designer does not want the result of this design effort to be copied by someone else. The designer often wants to keep the design a trade secret. Many PLDs, particularly FPGAs, use volatile configuration memory that must be loaded from an external device such as a PROM every time the PLD is powered up. Since configuration data is stored external to the PLD and must be transmitted through a configuration access port, the privacy of the design can easily be violated by an attacker who monitors the data on the configuration access port, e.g. by putting probes on board traces.
Current Solutions and Their Disadvantages
Efforts have been made to encrypt designs, but it is difficult to make the design both secure from attackers and easy to use by legitimate users. The encryption algorithm is not a problem. Several encryption algorithms, for example, the standard Data Encryption Standard (DES) and the more secure Advanced Encryption Standard (AES) algorithm, are known for encrypting blocks of data. The process of cipher block chaining (CBC), in which an unencrypted data word is XORed with the next encrypted data word before decryption allows the DES or AES to encrypt a serial stream of data and these are therefore appropriate for encrypting a bitstream for configuring a PLD. A key used for encrypting the design must somehow be communicated in a secure way between the PLD and the structure that decrypts the design, so the design can be decrypted by the PLD before being used to configure the PLD. Then, once the PLD has been configured using the unencrypted design, the design must continue to be protected from unauthorized discovery.
A Nov. 24, 1997 publication by Peter Alfke of Xilinx, Inc. entitled “Configuration Issues: Power-up, Volatility, Security, Battery Back-up” describes several steps that can be taken to protect a design in an existing FPGA device having no particular architectural features within the FPGA to protect the design. Loading design configuration data into the FPGA and then removing the source of the configuration data but using a battery to maintain continuous power to the FPGA while holding the FPGA in a standby non-operational mode is one method. However, power requirements on the battery make this method impractical for large FPGA devices.
Nonvolatile configuration memory is another possibility. If the design is loaded at the factory before the device is sold, it is difficult for a purchaser of the configured PLD device to determine what the design is. However, a reverse engineering process in which the programmed device is decapped, metal layers are removed, and the nonvolatile memory cells are chemically treated can expose which memory cells have been charged and thus can allow an attacker to learn the design. Further, nonvolatile memory requires a more complex and more expensive process technology than standard CMOS process technology, and takes longer to bring to market.
It is also known to store a decryption key in nonvolatile memory in a PLD, load an encrypted bitstream into the PLD and decrypt the bitstream using the key within the PLD. This prevents an attacker from reading the bitstream as it is being loaded into the PLD, and does retain the key when power is removed from the PLD. Such an arrangement is described by Austin in U.S. Pat. No. 5,388,157. But this structure does not protect the user's design from all modes of attack.
In addition to design protection, some users need data protection. They may have generated data within the PLD that should not be lost when the PLD loses power. It is desirable to protect such data.
There remains a need for a design protection method that is convenient, reliable, and secure.